[PHP] Namespaced code with SabreDAV
Hello all, I am trying to use the wonderful SabreDAV library to create a webdav share. I have a demo up and running however the framework / class i'm using is namespaced, and SabreDAV unfortunately does not have a 5.3 style namespace declaration. I have an spl_autoload function registered in my base controller and so long as I prefix the classname with a \ it all works: $rootDirectory = new \Sabre_DAV_FS_Directory($rootDir); // The server object is responsible for making sense out of the WebDAV protocol $server = new \Sabre_DAV_Server($rootDirectory); However, SabreDAV it's self has a large amount of other PHP classes which it calls which obviously aren't prefixed with '\' Is there a way i can tell PHP any class name that get's instanciated with 'Sabre_' should resolve to '\Sabre' ? Many thanks Andrew -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Issues with simplexml_load_string()
It seems like when dealing with nodes which have CDATA, I cannot get access to both the attributes of that node and the CDATA of that node with the same simplexml_load_string() call. Consider the following: $previewString = 'rootmessage![CDATA[lkjlkjklj]]/messagebuttonsbutton name=Add Me![CDATA[This is my free form text]]/button/buttons/root'; When passing LIBXML_NOCDATA: echo 'pre' . print_r( json_decode( json_encode( (array)simplexml_load_string( $previewString, 'SimpleXMLElement', LIBXML_NOCDATA | LIBXML_NOBLANKS )), 1 ), TRUE ) . '/pre'; yields the following output : Array ( [message] = lkjlkjklj [buttons] = Array ( [button] = This is my free form text ) ) So I get the CDATA but I don't get the name attribute for the button. When not using LIBXML_NOCDATA: echo 'pre' . print_r( json_decode( json_encode( (array)simplexml_load_string( $previewString, 'SimpleXMLElement', LIBXML_NOBLANKS )), 1 ), TRUE ) . '/pre'; yields the following output : Array ( [message] = Array ( ) [buttons] = Array ( [button] = Array ( [@attributes] = Array ( [name] = Add Me ) ) ) ) I get the attributes but not the CDATA. Looking at the doc page for simplexml_load_string() (http://us.php.net/manual/en/function.simplexml-load-string.php and http://us.php.net/manual/en/libxml.constants.php), I don't see a way to get access to both. Am I missing something? Or is this really not possible? thnx, Christoph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Namespaced code with SabreDAV
On Thu, Oct 6, 2011 at 7:37 AM, Andrew Mason slackma...@gmail.com wrote: Hello all, I am trying to use the wonderful SabreDAV library to create a webdav share. I have a demo up and running however the framework / class i'm using is namespaced, and SabreDAV unfortunately does not have a 5.3 style namespace declaration. I have an spl_autoload function registered in my base controller and so long as I prefix the classname with a \ it all works: $rootDirectory = new \Sabre_DAV_FS_Directory($rootDir); // The server object is responsible for making sense out of the WebDAV protocol $server = new \Sabre_DAV_Server($rootDirectory); However, SabreDAV it's self has a large amount of other PHP classes which it calls which obviously aren't prefixed with '\' Is there a way i can tell PHP any class name that get's instanciated with 'Sabre_' should resolve to '\Sabre' ? Many thanks Andrew If my memory serves regarding PHP's namespace, you could build something like this $file = APP_DIR.'\'.$class; if( file_exists( $file ) ) require_once $file; into your autoloader. You may have to adjust '/' to/from '\\' depending on your platform or you can use the constant DIRECTORY_SEPARATOR in the full path to the class. Then you don't need add \ before your class to instantiate. I don't know how the SabreDAV framework looks like but you may want to look at how Zend framework loads their class as to give you some idea what you may need to do in your autoload to circumvent SabreDAV being not 5.3 namespace declaration. You may also want to take a look at CodeIgniter's autoloading mechanism. Regards, Tommy
[PHP] Issues with simplexml_load_string()
It seems like when dealing with nodes which have CDATA, I cannot get access to both the attributes of that node and the CDATA of that node with the same simplexml_load_string() call. Consider the following: $previewString = 'rootmessage![CDATA[lkjlkjklj]]/messagebuttonsbutton name=Add Me![CDATA[This is my free form text]]/button/buttons/root'; When passing LIBXML_NOCDATA: echo 'pre' . print_r( json_decode( json_encode( (array)simplexml_load_string( $previewString, 'SimpleXMLElement', LIBXML_NOCDATA | LIBXML_NOBLANKS )), 1 ), TRUE ) . '/pre'; yields the following output : Array ( [message] = lkjlkjklj [buttons] = Array ( [button] = This is my free form text ) ) So I get the CDATA but I don't get the name attribute for the button. When not using LIBXML_NOCDATA: echo 'pre' . print_r( json_decode( json_encode((array)simplexml_load_string( $previewString, 'SimpleXMLElement', LIBXML_NOBLANKS )), 1 ), TRUE ) . '/pre'; yields the following output : Array ( [message] = Array ( ) [buttons] = Array ( [button] = Array ( [@attributes] = Array ( [name] = Add Me ) ) ) ) I get the attributes but not the CDATA. Looking at the doc page for simplexml_load_string() (http://us.php.net/manual/en/function.simplexml-load-string.php and http://us.php.net/manual/en/libxml.constants.php), I don't see a way to get access to both. Am I missing something? Or is this really not possible? thnx, Christoph -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
[PHP] Problem with code...
Hi everyone, Have a question about this block of code ?PHP //SETUP VARIABLES $mailTo = li...@pruimphotography.com; $mailFrom = li...@pruimphotography.com; //These 2 can be changed IF you know what you are doing and why! $returnPath = $mailFrom; $replyTo = $mailFrom; $mailSubject = New Convention registration!; $message = ; //DO NOT CHANGE UNDER PENALITY OF BEING SLAPPED WITH A WET NOODLE!!! $headers = From: .$mailFrom.\n; $headers .= Return-Path: .$returnPath.\n; $headers .= Reply-To: .$replyTo.\n; function send_email($mailTo, $mailSubject, $mailMessage, $headers) { if(mail( $mailTo, $mailSubject, $mailMessage, $headers )) { $message = Thank you for registering!; }else { echo There was an issue with your registration.. Please try again later; } }//Close Function if(!empty($errorCount)) { }else { //Build Email message $mailmessage = Full Name: . $_POST['firstname'] . . $_POST['lastname'] . \n\n; $mailmessage .= Address: . $_POST['address'] . \n\n; $mailmessage .= City, State, Zip: . $_POST['city'] . . $_POST['state'] . . $_POST['zip'] . \n\n; $mailmessage .= Phone: . $_POST['phone'] . \n\n; $mailmessage .= Email address: . $_POST['email'] . \n\n; if($_POST['affiliation'] == NFBOther) { $mailmessage .= Chapter Affiliation: . $_POST['other'] . \n\n; }else{ $mailmessage .= Chapter Affiliation: . $_POST['affiliation'] . \n\n; } if($_POST['person'] ==Other){ $mailmessage .= Who will pick up the ticket? . $_POST['Pfirstname'] . . $_POST['Llastname'] . \n\n; }else{ $mailmessage .= Who will pick up the ticket? I will pick it up my self! \n\n; } $mailmessage .= Payment Method: . $_POST['paymentMethod']; send_email($mailTo, $mailSubject, $mailmessage, $headers); } ? Sometimes... It is dropping the last $mailmessage line... The payment method in the actual email it sends... Anyone have any ideas? I'm stumped Jason Pruim li...@pruimphotography.com -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem with code...
On 2011-10-06, at 6:28 PM, Jason Pruim wrote: ?PHP //SETUP VARIABLES $mailTo = li...@pruimphotography.com; $mailFrom = li...@pruimphotography.com; //These 2 can be changed IF you know what you are doing and why! $returnPath = $mailFrom; $replyTo = $mailFrom; $mailSubject = New Convention registration!; $message = ; //DO NOT CHANGE UNDER PENALITY OF BEING SLAPPED WITH A WET NOODLE!!! $headers = From: .$mailFrom.\n; $headers .= Return-Path: .$returnPath.\n; $headers .= Reply-To: .$replyTo.\n; function send_email($mailTo, $mailSubject, $mailMessage, $headers) { if(mail( $mailTo, $mailSubject, $mailMessage, $headers )) { $message = Thank you for registering!; }else { echo There was an issue with your registration.. Please try again later; } }//Close Function if(!empty($errorCount)) { }else { //Build Email message $mailmessage = Full Name: . $_POST['firstname'] . . $_POST['lastname'] . \n\n; $mailmessage .= Address: . $_POST['address'] . \n\n; $mailmessage .= City, State, Zip: . $_POST['city'] . . $_POST['state'] . . $_POST['zip'] . \n\n; $mailmessage .= Phone: . $_POST['phone'] . \n\n; $mailmessage .= Email address: . $_POST['email'] . \n\n; if($_POST['affiliation'] == NFBOther) { $mailmessage .= Chapter Affiliation: . $_POST['other'] . \n\n; }else{ $mailmessage .= Chapter Affiliation: . $_POST['affiliation'] . \n\n; } if($_POST['person'] ==Other){ $mailmessage .= Who will pick up the ticket? . $_POST['Pfirstname'] . . $_POST['Llastname'] . \n\n; }else{ $mailmessage .= Who will pick up the ticket? I will pick it up my self! \n\n; } $mailmessage .= Payment Method: . $_POST['paymentMethod']; send_email($mailTo, $mailSubject, $mailmessage, $headers); } ? Sometimes... It is dropping the last $mailmessage line... The payment method in the actual email it sends... Anyone have any ideas? I'm stumped Hi there. First thought is perhaps it is not getting a value for paymentMethod and if it doesn't exist, will the line still get added? I would always check to see if every post variable isset, before adding the line. Can write a default line in its place if missing. George Langley Interactive Developer RIP, Mr. Jobs.
Re: [PHP] Problem with code...
Jason Pruim li...@pruimphotography.com On Oct 6, 2011, at 9:04 PM, George Langley wrote: On 2011-10-06, at 6:28 PM, Jason Pruim wrote: ?PHP //SETUP VARIABLES $mailTo = li...@pruimphotography.com; $mailFrom = li...@pruimphotography.com; //These 2 can be changed IF you know what you are doing and why! $returnPath = $mailFrom; $replyTo = $mailFrom; $mailSubject = New Convention registration!; $message = ; //DO NOT CHANGE UNDER PENALITY OF BEING SLAPPED WITH A WET NOODLE!!! $headers = From: .$mailFrom.\n; $headers .= Return-Path: .$returnPath.\n; $headers .= Reply-To: .$replyTo.\n; function send_email($mailTo, $mailSubject, $mailMessage, $headers) { if(mail( $mailTo, $mailSubject, $mailMessage, $headers )) { $message = Thank you for registering!; }else { echo There was an issue with your registration.. Please try again later; } }//Close Function if(!empty($errorCount)) { }else { //Build Email message $mailmessage = Full Name: . $_POST['firstname'] . . $_POST['lastname'] . \n\n; $mailmessage .= Address: . $_POST['address'] . \n\n; $mailmessage .= City, State, Zip: . $_POST['city'] . . $_POST['state'] . . $_POST['zip'] . \n\n; $mailmessage .= Phone: . $_POST['phone'] . \n\n; $mailmessage .= Email address: . $_POST['email'] . \n\n; if($_POST['affiliation'] == NFBOther) { $mailmessage .= Chapter Affiliation: . $_POST['other'] . \n\n; }else{ $mailmessage .= Chapter Affiliation: . $_POST['affiliation'] . \n\n; } if($_POST['person'] ==Other){ $mailmessage .= Who will pick up the ticket? . $_POST['Pfirstname'] . . $_POST['Llastname'] . \n\n; }else{ $mailmessage .= Who will pick up the ticket? I will pick it up my self! \n\n; } $mailmessage .= Payment Method: . $_POST['paymentMethod']; send_email($mailTo, $mailSubject, $mailmessage, $headers); } ? Sometimes... It is dropping the last $mailmessage line... The payment method in the actual email it sends... Anyone have any ideas? I'm stumped Hi there. First thought is perhaps it is not getting a value for paymentMethod and if it doesn't exist, will the line still get added? I would always check to see if every post variable isset, before adding the line. Can write a default line in its place if missing. The variable is being set with a default value of nothing else... But for some reason it's not bringing it through when the form is submitted... Any other ideas? hehe :) -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem with code...
On Thu, Oct 6, 2011 at 7:29 PM, Jason Pruim li...@pruimphotography.comwrote: Jason Pruim li...@pruimphotography.com On Oct 6, 2011, at 9:04 PM, George Langley wrote: On 2011-10-06, at 6:28 PM, Jason Pruim wrote: ?PHP //SETUP VARIABLES $mailTo = li...@pruimphotography.com; $mailFrom = li...@pruimphotography.com; //These 2 can be changed IF you know what you are doing and why! $returnPath = $mailFrom; $replyTo = $mailFrom; $mailSubject = New Convention registration!; $message = ; //DO NOT CHANGE UNDER PENALITY OF BEING SLAPPED WITH A WET NOODLE!!! $headers = From: .$mailFrom.\n; $headers .= Return-Path: .$returnPath.\n; $headers .= Reply-To: .$replyTo.\n; function send_email($mailTo, $mailSubject, $mailMessage, $headers) { if(mail( $mailTo, $mailSubject, $mailMessage, $headers )) { $message = Thank you for registering!; }else { echo There was an issue with your registration.. Please try again later; } }//Close Function if(!empty($errorCount)) { }else { //Build Email message $mailmessage = Full Name: . $_POST['firstname'] . . $_POST['lastname'] . \n\n; $mailmessage .= Address: . $_POST['address'] . \n\n; $mailmessage .= City, State, Zip: . $_POST['city'] . . $_POST['state'] . . $_POST['zip'] . \n\n; $mailmessage .= Phone: . $_POST['phone'] . \n\n; $mailmessage .= Email address: . $_POST['email'] . \n\n; if($_POST['affiliation'] == NFBOther) { $mailmessage .= Chapter Affiliation: . $_POST['other'] . \n\n; }else{ $mailmessage .= Chapter Affiliation: . $_POST['affiliation'] . \n\n; } if($_POST['person'] ==Other){ $mailmessage .= Who will pick up the ticket? . $_POST['Pfirstname'] . . $_POST['Llastname'] . \n\n; }else{ $mailmessage .= Who will pick up the ticket? I will pick it up my self! \n\n; } $mailmessage .= Payment Method: . $_POST['paymentMethod']; send_email($mailTo, $mailSubject, $mailmessage, $headers); } ? Sometimes... It is dropping the last $mailmessage line... The payment method in the actual email it sends... Anyone have any ideas? I'm stumped Hi there. First thought is perhaps it is not getting a value for paymentMethod and if it doesn't exist, will the line still get added? I would always check to see if every post variable isset, before adding the line. Can write a default line in its place if missing. The variable is being set with a default value of nothing else... But for some reason it's not bringing it through when the form is submitted... Any other ideas? hehe :) Have you tested with the same payment method to see if somewhere in your code or a hiccup in the server is causing the problem? Does that happen to any or certain payment method (including blank entry)? I'm guessing it may happen with only certain payment method. From the line if(!empty($errorCount)) {, I presume you have a mechanism in place to sanitize and validate inputs? I'd suggest you start troubleshooting from there. If this is still development phase, try to bypass that mechanism for a quick confirmation that is causing the problem. Regards, Tommy
Re: [PHP] Namespaced code with SabreDAV
On Thu, Oct 6, 2011 at 1:45 PM, Tommy Pham tommy...@gmail.com wrote: On Thu, Oct 6, 2011 at 7:37 AM, Andrew Mason slackma...@gmail.com wrote: Hello all, I am trying to use the wonderful SabreDAV library to create a webdav share. I have a demo up and running however the framework / class i'm using is namespaced, and SabreDAV unfortunately does not have a 5.3 style namespace declaration. I have an spl_autoload function registered in my base controller and so long as I prefix the classname with a \ it all works: $rootDirectory = new \Sabre_DAV_FS_Directory($rootDir); // The server object is responsible for making sense out of the WebDAV protocol $server = new \Sabre_DAV_Server($rootDirectory); However, SabreDAV it's self has a large amount of other PHP classes which it calls which obviously aren't prefixed with '\' Is there a way i can tell PHP any class name that get's instanciated with 'Sabre_' should resolve to '\Sabre' ? Many thanks Andrew If my memory serves regarding PHP's namespace, you could build something like this $file = APP_DIR.'\'.$class; if( file_exists( $file ) ) require_once $file; into your autoloader. You may have to adjust '/' to/from '\\' depending on your platform or you can use the constant DIRECTORY_SEPARATOR in the full path to the class. Then you don't need add \ before your class to instantiate. I don't know how the SabreDAV framework looks like but you may want to look at how Zend framework loads their class as to give you some idea what you may need to do in your autoload to circumvent SabreDAV being not 5.3 namespace declaration. You may also want to take a look at CodeIgniter's autoloading mechanism. Regards, Tommy Here's another idea that you could do with the autoloader. The autoloader is slightly modified from PureMVC's site to suit my needs. Using namespace and everything that's PHP v5.3+, this is part of PureMVC framework that I've ported over from the original Flash code a while back. define( 'PMVC_BASE_DIR', str_replace( '\\', '/', __DIR__ ).'/' ); function __autoload( $class ) { if( stristr( $class, '\\' ) ) { $file = APP_DIR.str_replace( '\\', '/', $class ).EXT; if( file_exists( $file ) ) require_once $file; else throw new \Exception( 'Unable to find class '.$class. ' in the expected location '.$file ); } else { $_basePaths = array( PMVC_BASE_DIR.'org/puremvc/php/patterns/facade/', PMVC_BASE_DIR.'org/puremvc/php/interfaces/', PMVC_BASE_DIR.'org/puremvc/php/core/', PMVC_BASE_DIR.'org/puremvc/php/patterns/', PMVC_BASE_DIR.'org/puremvc/php/patterns/command/', PMVC_BASE_DIR.'org/puremvc/php/patterns/mediator/', PMVC_BASE_DIR.'org/puremvc/php/patterns/observer/', PMVC_BASE_DIR.'org/puremvc/php/patterns/proxy/' ); $classPaths = array_merge( explode( PATH_SEPARATOR, get_include_path() ), $_basePaths ); foreach( $classPaths as $classPath ) { $path = $classPath.$class.EXT; if( file_exists( $path ) ) { require_once $path; return; } } throw new \Exception( 'Unable to find class '.$class.' in '. implode( PATH_SEPARATOR, $classPaths ) ); } }
Re: [PHP] Re: Secure data management
http://stut.net/2011/09/15/mysql-real-escape-string-is-not-enough/ Hi everyone I have read many many articles and blog posts in the last few days to bolster my (still mostly newbie) understanding of the factors that play in to preventing various methods of SQL injection prevention.. and by now I am well aware that most everyone (expert) here says prepared statements are the most secure method of (string hacking) SQL-injection prevention.. even to the point of saying that one common (and at least previously-popular) alternative mysql-real-escape-string is ..silly and technically insecure... I am learning and using the CodeIgniter (CI) framework for my current project and, not wanting to leave myself vulnerable, I read posts on the CI forum on this topic, to find out if I could (or needed) to use prepared statements in CI.. and I read one forum thread where one dev shows how to hack the core system of CI so that it can use PDO (for prepared statements) instead of the built-in ActiveRecord (or Query Bindings) which apparently rely on mysql-real-escape-string. In that thread, the debate goes back and forth, as it does in other threads.. and while the sentiment that prepared statements are better because they remove the need to keep being ahead of the char-escaping chase... I never did see any example of *how* mysql-real-escape-string fails. The only thing I ever read that does show mysql-real-escape-string possibly failing is in the example in this article: http://shiflett.org/blog/2006/jan/addslashes-versus-mysql-real-escape-string or rather an article referred to there, here: http://ilia.ws/archives/103-mysql_real_escape_string-versus-Prepared-Statements.html ..which only comes up in certain circumstances.. ([snip]..The bottom line while the problem is serious, it would only affect people changing character sets from single-byte encodings to multibyte ones. As long as you stay away from multibyte encodings, with the exception of UTF8 you should be safe...[snip]). All well and good. I just wanted to understand, as a relative newbie, why such bold seemingly definitive statements are made here on this list in recent weeks, like .. escaping doesn't work.. ? http://marc.info/?l=php-generalm=131293616328301w=2 http://marc.info/?l=php-generalm=131603743606025w=2 Isn't it that it does work in most cases.. and one just needs to know in which cases it can fail, and how to handle things in each case? I totally get the point that prepared statements just remove so much of the head pressure of sorting all this out.. BUT when someone (mostly new) like me comes along and hears that mysql-real-escape-string is simply not secure, then it just gives an unclear and incomplete picture, and creates more head pressure. Or is there definitive evidence, more recent than the above-mentioned articles, that shows how to hack through mysql-real-escape-string even in an SQL statement e.g. inserting into a UTF8 db, a properly escaped (mysql-real-escape-string) var? In case my post here is lacking understanding, then please forgive.. and better yet, please explain! I post/ask because I am wanting to SEE the whole everything like you few experts here who really know exactly what everyone is talking about (or when they are just groping in the dark). -Govinda -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Re: [PHP] Problem with code...
On Thu, Oct 6, 2011 at 7:28 PM, Jason Pruim li...@pruimphotography.com wrote: Have a question about this block of code I'm not seeing anything immediately standing out as a problem. Sometimes... It is dropping the last $mailmessage line... The payment method in the actual email it sends... Can you see if the last line is actually in $mailmessage before sending the email? Maybe it's somehow getting truncated during the mail step. -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
Fwd: [PHP] Problem with code...
On Thu, Oct 6, 2011 at 7:28 PM, Jason Pruim li...@pruimphotography.com wrote: Have a question about this block of code I'm not seeing anything immediately standing out as a problem. Sometimes... It is dropping the last $mailmessage line... The payment method in the actual email it sends... Can you see if the last line is actually in $mailmessage before sending the email? Maybe it's somehow getting truncated during the mail step. *Update:* I just noticed this. The last line has no \r\n termination. I'm thinking that may be necessary for some mailers/transports/etc? -- PHP General Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php